[Openid-specs-ab] Please get me any feed back by Monday
ritou.06 at gmail.com
Sun Jun 6 05:12:32 UTC 2010
> "error":"Invalid code"
I approve of this form, too.
OAuth 2.0 will have parameter expressing a reason in Error Response.
However, it is necessary for all values of the error parameter to be
defined so that RP processes this response automatically.
- "invalid code"
- "invalid client_id"
- "invalid secret_type"
- "expired code"
Are all these described in AB Spec?
Or another specifications such as "OAuth Problem Reporting" may be necessary.
2010/6/6 Nat Sakimura <sakimura at gmail.com>:
> Hi Ryo,
> In the spirit of OpenID.authentication-2.0, it should return the response
> that is described in auth2.0's section 10.2.2.
> Thus, it would return something like:
> Perhaps it is better to write it down.
> Also, I feel that if the response can return more descriptive error
> it would be useful for developers. So, returning something like:
> "error":"Invalid code"
> might be better. What do you think?
> On Sun, Jun 6, 2010 at 2:23 AM, Ryo Ito <ritou.06 at gmail.com> wrote:
>> Hi , Nat
>> When RP included invalid code in "direct_assertion_req"(8.5),
>> How does OP return the Negative Assertion(8.6)?
>> Should OP describe that code is invalid in "mode" parameter?
>> 2010/6/4 Nat Sakimura <sakimura at gmail.com>:
>> > Hi.
>> > I got several feedback on Draft 9 off list. I incorporated them in Draft
>> > 10.
>> > If you have any feedback to the current draft10, please get it to me by
>> > Monday.
>> > I will try to incorporate them all. Once that is done, I will call it as
>> > the
>> > final for the public review.
>> > If there was no feedback, I take it as consent.
>> > NEXT STEP: Public Review
>> > According to my research(*1) , there are two options that we have right
>> > now:
>> > 1. Do it as Implementor's Draft (45 days)
>> > 2. Do it as Final Draft (60 days)
>> > I was originally planning to do it as 1., but we now seem to have Option
>> > 2.
>> > as well.
>> > There has never been a OpenID Spec that went through 1., so we might
>> > just as
>> > well do 2.
>> > Please indicate your preference as well.
>> > (*1) Clarification from Mike Jones. PAPE spec was finalized skipping the
>> > Implementor's draft. David R. stated opposition, but the vote went and
>> > it
>> > was accepted, so I presume this interpretation
>> > prevails. http://lists.openid.net/pipermail/openid-specs-pape/2008-December/000491.html
>> > From: Mike Jones <Michael.Jones at microsoft.com>
>> > Date: December 22, 2008 11:51:07 AM PST
>> > To: "david at sixapart.com" <david at sixapart.com>
>> > Cc: "specs-pape at openid.net" <specs-pape at openid.net>, Paul Madsen
>> > <paulmadsen at rogers.com>
>> > Subject: RE: [specs-pape] Feedback on PAPE 1.0 Draft 7
>> > Just as the passage you quoted says, working groups may recommend
>> > approval
>> > of any of the three types of specs: Implementer’s Draft, Final
>> > Specification, or Errata. It’s the working group’s choice whether to
>> > release a draft as an implementer’s draft - explicitly planning for
>> > another
>> > round of revision after implementation feedback, or a final draft,
>> > requiring
>> > revision only if feedback during the 60 days (including from
>> > implementations
>> > that occur during the 60 days). This working group has produced a final
>> > specification and recommended approval and the approval vote should
>> > commence
>> > today.
>> > --
>> > Nat Sakimura (=nat)
>> > http://www.sakimura.org/en/
>> > http://twitter.com/_nat_en
>> > _______________________________________________
>> > Openid-specs-ab mailing list
>> > Openid-specs-ab at lists.openid.net
>> > http://lists.openid.net/mailman/listinfo/openid-specs-ab
>> Ryo Ito
>> Email : ritou.06 at gmail.com
> Nat Sakimura (=nat)
伊東 諒 (Ryo Ito)
Email : ritou.06 at gmail.com
More information about the Openid-specs-ab